Risk treatment
Weitere Optionen
Treatment R&O
The menu item Treatment R&O (risks & opportunities) offers three views that help get an overview of risks and opportunities and see how they are handled.
To navigate to the individual views, it is necessary to click on the respective item in the menu shown in the image.
In each one of the views you can choose whether you want to see all risks and opportunities or only those of the current management system.
Measures
Under "Risk Management → Treatment R&O → Measures | Measures - Risks & opportunities - Resources | Risk-Control-Matrix", all measures available in the current management system for treatment are listed with their assigned risks and opportunities.
Click on an arrow next to a measure and see what risks and opportunities it is assigned to. Click the measure itself to be taken to it and see its progress, if you are an Expert or Professional for the administration of measures and controls.
Measures - Risks & opportunities - Resources
Under "Risk Management → Treatment R&O → Measures | Measures - Risks & opportunities - Resources | Risk-Control Matrix", all measures that serve to treat risks and opportunities in the current management system are listed with all linked risks/opportunities and resources.
This overview helps to identify which measure is responsible for the elimination or reduction of one or more risks or the exploitation of one or more opportunities. It also shows which resources are threatened by the risks or empowered by the opportunities.
Risk-Control-Matrix
Under "Risk Management → Treatment R&O → Measures | Measures - Risks & opportunities - Resources | Risk-Control Matrix", all risks from all management systems (which are not set to private) are displayed. The respective controls that are linked to the risk are also displayed for the risks. Opportunities are also shown in this overview, however its focus is on the risk.
The risk-control-matrix complies with the minimum requirements of Section 11 (1) (5) SKS-PV and thus meets essential requirements of tax control systems used by tax advisors and auditors.
Double-click on an entry to open the respective risk or opportunity.
To view all columns, the scrollbar at the bottom of the table can be used. Furthermore, the table can also be exported to Excel (see image below).
Using the option "Display measures" (checkbox at the top left), in addition to the controls the measures assigned to the risks can be displayed in the risk-control-matrix. They are shown in the respective control columns; see more about the mapping here.
Columns
The following section describes what content can be found in each column.
Entity: Entities associated with the risk are displayed here.
| Column | Description |
|---|---|
| Type | The type (data category, process, OrgEh, resource) of the entity. |
| Name | The name of the entity in question. |
| Description | Description of the respective resource. |
Risk: The header data of the risk is displayed here.
| Column | Description |
|---|---|
| Code | The abbreviation of the risk. |
| Name | The name of the risk. |
| Description | A detailed description of the risk. |
| Status | Is the risk active, has it been suspended or closed? |
| Assessment gross risk/current risk | Gross risk - The initial risk, before any measures or controls were implemented for its treatment. Current risk - This is the assessment of the risk after taking all implemented treatment measures and controls into consideration How was the risk assessed? - Probability of occurrence: How likely is it that the risk will occur? - Extent of damage: If it occurs, what is the amount of damage done? - RR/Score: The risk score that results from combining the probability of occurrence and the extent of damage. |
Control: The relevant header data of the controls assigned to the risk. If the option "Display measures" is active, the information of the measures is also shown in these columns.
| Column | Description |
|---|---|
| Code | Control code. Measure code. |
| Control objective | The purpose of the control (name of the control). The name of the measure. |
| Description | Description of what will be implemented during the control (control measure). Description of what will be implemented by the measure (measure description). |
| Frequency | How often the control is repeated. The value for measures is "Once". |
| State | Is the control active, has it been suspended or deactivated? (control state) Is the measure open, completed, planned, suspended, or canceled? (measure state) |
| Preventive/Corrective | Is it a preventive or corrective control? For measures, "preventive" is shown for improvement measures and/or "corrective" for corrective measures. |
| Evidence | Documentation of the control execution for controls. The report of the latest accepted progress report or the text "no progress report available" for measures. |
| Responsibility/carried out by | Person responsible for carrying out the control (implementer). Person responsible for the measure. |
| Done on | Date of control execution. Date of the measure completion. |
| Type | This column can be used to distinguish controls and measures, and to filter them. |